package com.hsd.znsh.config;


import com.hsd.znsh.security.app.APPSecurityConfig;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Configuration;
import org.springframework.core.annotation.Order;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.builders.WebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;


@Configuration
@Order(1)
public class ZnshApiSecurityConfig extends WebSecurityConfigurerAdapter {

	@Autowired
	private APPSecurityConfig appSecurityConfig;

	@Override
	protected void configure(HttpSecurity http) throws Exception {
		http.antMatcher("/app/**")
			.apply(appSecurityConfig)
				.and()
			.authorizeRequests()
				.anyRequest()
				.permitAll()
				.and()
			.csrf().disable();
	}

	@Override
	public void configure(WebSecurity web) throws Exception {

	}

	@Override
	protected void configure(AuthenticationManagerBuilder auth) throws Exception {

	}
}
